Slashdot Mirror
Shattering Windows
ChrisPaget writes: "I've just released a paper documenting and exploiting fundamental flaws in the Win32 API. Essentially, they allow you to take control of any window on your desktop, regardless of whether that window is running as you, localsystem, or anywhere in between. The technique has been discussed before, but AFAIK this is the first working exploit. Oh, did I mention it's unfixable?" You may want to read this CNET interview with Microsoft security head Scott Charney to learn even more about "trustworthy computing."
Microsoft was told about this flaw when it was first discovered 7 years ago. They still haven't fixed it.
In other news, microsoft is sueing the cnet for making a flaw public news. They claim they needed more time to fix it, 7 years just isn't enough time to fix the bug and test the patch...
---
Programming is like sex... Make one mistake and support it the rest of your life.
Does your mouth hurt? You just got trolled.
Moon Macrosystems. Sun's biggest competitor.
and then mod me down. posting this one at +1 to attempt to get some attention...
MORTAR COMBAT!
Noise
They that can give up essential liberty to obtain a little temporary safety deserve neither safety nor liberty.
Ben
Like I said, noise.
They that can give up essential liberty to obtain a little temporary safety deserve neither safety nor liberty.
Ben
NOBODY EXPECTS THE SPANISH INQUISITION!
Our chief weapon is surprise...surprise and fear...fear and surprise.... Our two weapons are fear and surprise...and ruthless efficiency.... Our *three* weapons are fear, surprise, and ruthless efficiency...and an almost fanatical devotion to the Pope.... Our *four*...no... *Amongst* our weapons.... Amongst our weaponry...are such elements as fear, surprise.... I'll come in again.
This is not the greatest sig in the world, no. This is just a tribute.